IT Security News, News 3 December 2019

What is a Disaster Recovery Plan (DRP) & Why is it Essential?

Does your business have a disaster recovery plan if the worst were to happen?

Carl Enser, Sales Director, Fabric

So, the worst has happened. It’s 10 am on Monday, and your IT systems have gone down. Your staff can’t work, and you’re losing valuable time and money. It’s a disaster. What do you do? Begin your disaster recovery plan.

What is Disaster Recovery?

Disaster recovery (DR) is ensuring you have the policies, tools and procedures in place to recover your businesses technology infrastructure in the event of a disaster. Your disaster recovery plan should include the likely disaster types: fires, theft, floods and cyber-attacks, and the impact of each.

A disaster recovery plan should run alongside your business continuity plan (BCP). A BCP looks at the bigger picture and considers much more than just your technology infrastructure. See my other blog post to read more on what business continuity planning involves.

A Tried and Tested Recovery Plan

When it’s time to dust off your plan and start the process of getting back online, are you sure it’ll work? If your plan is well thought out, it should have been tested recently. At Fabric IT, we recommend that you perform a recovery test at least once per year. Recovery tests should give you a clear understanding of your Recovery Time Objectives (RTO), and Recovery Point Objectives (RPO).

Recovery Time Objectives (RTO) – The targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption). This avoids the unacceptable consequences associated with a break in business continuity.

Recovery Point Objectives (RPO) – The maximum period in which data could be lost from an IT service due to a significant incident.

Working out the Damage: RTO and RPO

As an example, imagine a situation where you’re reliant on a single, daily backup of your business data. You organise a full backup of your system at 10 pm each night; this is your RPO. A disaster occurs one night, your IT system shuts down and isn’t resolved until 5 pm the next day. All data created between 10 pm the night before and 5 pm that day would be lost entirely. Your RTO, the maximum time taken to restore the disruption, is 8 hours. Not only is that data lost during the IT system downtime but with the additional 8 hours it might take to fix it, you’re looking at losing up to 26 hours of data.

The loss of your data can be avoided with IT systems such as SharePoint and Office 365. These systems do versioning which is where they take near-instant backups of files – Cloud-based solutions like this help to keep data loss to a minimum.

Read more… what does Sharepoint do?

In conclusion, disaster recovery is about understanding the business risks, the RTO and RPO and balancing the risk with the costs of implementing an IT solution that minimises the chance of a disaster.

Does your business have a disaster recovery plan if the worst were to happen?

Carl Enser, Sales Director, Fabric

Get in touch Back to blog